Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
A Forrester Total Economic Impact™ Study
Commissioned By Absolute
February 2018
The Total Economic Impact™ Of Absolute
Cost Savings And Business Benefits Enabled By The Absolute Endpoint Visibility And Control Platform
Table Of Contents Executive Summary 1
Key Findings 1
TEI Framework And Methodology 4
The Absolute Customer Journey 5
Interviewed Organizations 5
Key Challenges 5
Key Results 7
Composite Organization 8
Financial Analysis 9
Benefit 1: Security Operations Efficiency Improvement 9
Benefit 2: IT Help Desk Efficiency Improvement 10
Benefit 3: Asset Loss Reduction 11
Benefit 4: Asset Life Cycle Optimization 13
Unquantified Benefits 14
Flexibility 15
Cost 1: License-Related Costs 16
Cost 2: Implementation And Integration Costs 17
Financial Summary 19
Absolute: Overview 20
Absolute Ensures Endpoint Visibility, Control, And Compliance Beyond the Network 20
Appendix A: Total Economic Impact 21
Project Director:
Henry Huang
ABOUT FORRESTER CONSULTING
Forrester Consulting provides independent and objective research-based
consulting to help leaders succeed in their organizations. Ranging in scope from a
short strategy session to custom projects, Forrester’s Consulting services connect
you directly with research analysts who apply expert insight to your specific
business challenges. For more information, visit forrester.com/consulting.
© 2018, Forrester Research, Inc. All rights reserved. Unauthorized reproduction
is strictly prohibited. Information is based on best available resources.
Opinions reflect judgment at the time and are subject to change. Forrester®,
Technographics®, Forrester Wave, RoleView, TechRadar, and Total Economic
Impact are trademarks of Forrester Research, Inc. All other trademarks are the
property of their respective companies. For additional information, go to
forrester.com.
1 | The Total Economic Impact™ Of Absolute
Executive Summary
Absolute is a cloud-based endpoint security solution that helps enterprises
monitor, secure, and remediate endpoints — including those that have
gone dark off-network. Absolute commissioned Forrester Consulting to
conduct a Total Economic Impact™ (TEI) study and examine the potential
return on investment (ROI) enterprises may realize by deploying Absolute.
The purpose of this study is to provide readers with a framework to
evaluate the potential financial impact of Absolute on their organizations.
To better understand the benefits, costs, and risks associated with this
investment, Forrester interviewed several customers with years of
experience using the Absolute platform and its underlying Persistence®
technology to help secure endpoint devices in the age of increasingly
mobile workforces. Beyond endpoint security, the Absolute solution
provides a “self-healing” connection between endpoints and IT
professionals to ensure endpoint agents remain present and healthy,
reducing cybersecurity risks and improving security compliance.
Before using Absolute, issues often arose at the interviewed organizations
when devices left the enterprise network. Prior solutions were unable to
provide endpoint visibility and control, which resulted in compliance
failures. In some cases, these devices disappeared altogether, making
endpoint security a difficult task. Evaluating security posture and proving
compliance was a lengthy and difficult process, which led to missed
business opportunities and corporate data exposure that prompted
regulatory ramifications. By adopting Absolute, the interviewed
organizations gained a centralized platform that more effectively assessed
and secured a wide range of endpoints.
Key Findings
Quantified benefits. The following risk-adjusted quantified present value
(PV) benefits are representative of those experienced by the companies
interviewed:
› Security operations staff saved 12 minutes per incident response.
For many interviewees, triage and analytical work comprised a large
portion of security incident responses. The constant feedback loop from
endpoints via Absolute increased visibility for security professionals, who
were then able to conclude security incidents at a significantly faster
rate. The incident responders received information upon the endpoints’
first touch to the internet rather than minutes — or even days — later.
These efficiency gains amounted to $393,904 saved over three years.
› IT help desk saved 10 minutes per request with increased and more
up-to-date information from the endpoints. The Absolute platform fed
more current and accurate information to IT help desk professionals and
automated key workflows, leading to time savings worth $140,680 over
three years.
› Absolute reduced IT asset loss and the possibility of data
breaches. Managing IT assets became increasingly difficult for the
interviewed customers, prior to deploying Absolute. Some assets were
accidentally removed, while others were maliciously stolen. This led to
an increased risk of a data breach. As a self-healing solution that
reported back or triggered automated actions based on definable
endpoint telemetry rules, Absolute reduced losses, equating to a three-
year benefit of $939,060.
Key Benefits
Security operations efficiency improvement:
$393,904
IT asset life cycle optimization:
$2,049,085
IT help desk efficiency improvement:
$140,680
2 | The Total Economic Impact™ Of Absolute
› Visibility provided by Absolute optimized asset life cycle planning
and resource allocation. Infrastructure and hardware costs could easily
run away in larger organizations. With Absolute, the organizations
gained better visibility into endpoint assets and associated infrastructure.
With Absolute-reported utilization rates, IT asset managers could better
optimize hardware, software, and people resource allocation across the
enterprise.
Unquantified benefits. The interviewed organizations also experienced
the following benefits, which are not quantified for this study:
› Near-instant validation of security posture made compliance audits
simpler. In addition to internal compliance audits, many interviewed
organizations were audited by customers, and concerned with meeting
requirements of various regulations, such as the Health Insurance
Portability and Accountability Act (HIPAA), General Data Protection
Regulation (GDPR), and the Payment Card Industry Data Security
Standard (PCI DSS). Absolute’s visibility and faster reporting on
endpoint security posture assured auditors that data was safely stored,
saving time for internal security professionals trying to demonstrate
compliance.
› Absolute Reach provided additional automation time savings for
security operations personnel. Organizations looking to extend
visibility and endpoint control capabilities could leverage Absolute Reach
to query endpoints and deploy automation commands to remediate
vulnerabilities. Absolute Persistence ensured script delivery and
execution for endpoints that went off-network or dark. Security
professionals saved time by deploying commands only once, knowing
that Absolute would send confirmation of execution.
Costs. The interviewed organizations experienced the following costs:
› License-related costs were assessed in annual or multiyear terms.
Absolute licensing can be purchased in one- to five-year terms. For the
purposes of this study, license costs were modeled as annual recurring
purchases, resulting in a PV cost of nearly $1.4 million over three years.
This is based on a large endpoint deployment and is designed to be
representative only.
› Additional costs were incurred for implementation and integration
with existing IT service management (ITSM) and security tools.
Beyond license and support costs, many interviewees encountered
costs to integrate Absolute with their existing security information and
event management (SIEM) and ITSM solutions. The effort required to
integrate the solutions and augment process flows resulted in a PV cost
of $68,590 over three years.
Forrester’s interviews with five existing customers — and subsequent
financial analysis — found that an organization based on these
interviewed organizations experienced benefits of $3.5 million over three
years versus costs of $1.4 million, adding up to a net present value (NPV)
of $2.1 million and an ROI of 146%.
ROI 146%
Benefits PV $3.5 million
NPV $2.1 million
Payback < 6 months
3 | The Total Economic Impact™ Of Absolute
1,260 hours saved by IT help desk annually
2,520 hours saved by IT
SecOps annually
$940K saved from asset
loss reduction annually
$393.9K
$140.7K
$939.1K
$2.0M
Security operationsefficiency
improvement
IT help deskefficiency
improvement
Asset loss reduction Asset life cycleoptimization
Benefits (Three-Year)
Total benefits PV, $3.5M
Total costs PV, $1.4M
Initial Year 1 Year 2 Year 3
Financial Summary
Payback:<6 months
4 | The Total Economic Impact™ Of Absolute
TEI Framework And Methodology
From the information provided in the interviews, Forrester has constructed
a Total Economic Impact™ (TEI) framework for those organizations
considering implementing Absolute.
The objective of the framework is to identify the cost, benefit, flexibility, and
risk factors that affect the investment decision. Forrester took a multistep
approach to evaluate the impact that Absolute can have on an
organization:
DUE DILIGENCE Interviewed Absolute stakeholders and Forrester analysts to gather data relative to Absolute.
CUSTOMER INTERVIEWS Interviewed five organizations using Absolute to obtain data with respect to costs, benefits, and risks.
COMPOSITE ORGANIZATION Designed a composite organization based on characteristics of the interviewed organizations.
FINANCIAL MODEL FRAMEWORK Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewed organizations.
CASE STUDY Employed four fundamental elements of TEI in modeling Absolute’s impact: benefits, costs, flexibility, and risks. Given the increasing sophistication that enterprises have regarding ROI analyses related to IT investments, Forrester’s TEI methodology serves to provide a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.
The TEI methodology
helps companies
demonstrate, justify,
and realize the
tangible value of IT
initiatives to both
senior management
and other key
business
stakeholders.
DISCLOSURES
Readers should be aware of the following:
This study is commissioned by Absolute and delivered by Forrester Consulting.
It is not meant to be used as a competitive analysis.
Forrester makes no assumptions as to the potential ROI that other
organizations will receive. Forrester strongly advises that readers use their own
estimates within the framework provided in the report to determine the
appropriateness of an investment in Absolute.
Absolute reviewed and provided feedback to Forrester, but Forrester maintains
editorial control over the study and its findings and does not accept changes to
the study that contradict Forrester’s findings or obscure the meaning of the
study.
Absolute provided the customer names for the interviews but did not participate
in the interviews.
5 | The Total Economic Impact™ Of Absolute
The Absolute Customer Journey
BEFORE AND AFTER THE ABSOLUTE INVESTMENT
Interviewed Organizations
For this study, Forrester conducted five interviews with Absolute
customers. Interviewed customers including the following:
Key Challenges
Interviewees shared a few salient points regarding challenges.
The first point was that their existing state of asset management was
inadequate for managing and securing the endpoints and the data on
those endpoints across the enterprises. The ever-increasing mobility of
their workforce exacerbated the issues, resulting in asset and data
leakage. Assets that “walked” presented issues in this new age of data
protection regulations, with compliance no longer merely a concern, but
a necessity.
Managing endpoints presented additional difficulties for the security and
help desk teams. There was a definitive need for a solution that could
reach endpoints in an automated fashion even while they were off the
enterprise network, and one that was impervious to malicious activity that
would attempt to steal or wipe data. To rapidly respond to incidents,
organizations required an endpoint agent that was rooted with
persistence in systems that offered accompanying remedial automation
and orchestration capabilities.
One interviewee from an engineering consulting firm explained: “Our
asset management was literally just spreadsheets with version control
issues. It’s been a breath of fresh air, really, for us, [with Absolute]
making sure that we have our assets, and knowing where they are and
who’s using them. The real motivation for us, though, was making sure
that our data, and our clients’ data, was safe — as that’s worth a whole
lot more than the devices themselves.”
INDUSTRY REGION INTERVIEWEE NUMBER OF ENDPOINTS AND FTEs
Public infrastructure management
North America Chief information officer 12,000 endpoints and 35,000 mobile FTEs
Multinational CPG Worldwide IT asset manager 160,000 endpoints and 145,000 mixed mobility FTEs
Healthcare North America Information security manager
16,000 endpoints and 15,000 mixed mobility FTEs
Engineering consulting Worldwide Global IT asset manager, Endpoints manager
18,000 endpoints and 16,000 mobile FTEs
Corporate legal services Europe Information security manager
7,000 endpoints and 6,000 mixed mobility FTEs
“We bought Absolute because
of our workforce being so
mobile that we needed the
ability to track the devices so
that, in the case of theft, we
would have the ability to wipe
the data. The security
compliance piece has become
a value-add that we leverage
fully today.”
CIO, public infrastructure
company
6 | The Total Economic Impact™ Of Absolute
› Organizations needed a new endpoint security solution that was
resilient and able to survive malicious or negligent attacks, even
after hard drive or OS wipes. IT managers needed to be able to
identify and freeze regulated data for the thousands of machines that
had gone dark and fallen off their asset database. Business leaders
wanted accountability for budgetary spend, data hygiene, and endpoint
agent compliance. With Absolute’s Persistence technology embedded
in the basic input/output system (BIOS) of their endpoints — deeper
than the operating system (OS) or application layer — they had the
resilience necessary to satisfy their requirements.
› Business leaders did not want to be in tomorrow’s news
headlines. With so many lost or stolen devices, IT teams needed to
look beyond drive encryption to protect their company’s data and
intellectual property (IP). What if the data was accessed? How would
they be able to prove compliance to their clients and regulatory bodies
when they couldn’t find the endpoints that were dark at the time?
These issues needed to be solved, not only for the security operations
(SecOps) professionals and compliance managers, but also for sales
executives who needed to give clients a degree of confidence to
engage in business.
› Organizations could not easily reach or handle off-network
devices that needed urgent security patches or policies for rapid
remediation. Effective incident response required the ability to
automate remediation actions across the entire network concurrently,
but the existing endpoint patching solutions had a poor rate of
completion and compliance reporting. Organizations needed a solution
that identified enterprise endpoints to validate patches and security
posture, as breaching a single endpoint could lead to more data stolen
from the enterprise network, once it resurfaced inside the network
demilitarized zone (DMZ). To combat this, automation defined by an
endpoint solution was critical to helping to orchestrate quicker incident
remediation.
› Common asset leakage of company equipment drove these
organizations to find a solution that discouraged future theft. In
speaking about his organization, one asset manager couldn’t fathom
how his organization had 20% more endpoint units than business full-
time equivalents (FTEs), even with loaner laptops accounted for. He
hypothesized that employees may have taken company laptops for
unauthorized home use. Not only did the organization need these
nonmalicious thefts to stop, but it also needed a way to counter
malicious theft.
“Absolute Persistence gives us
assurance that theft is not a
recurring scenario and that
stolen devices don’t become
breach liabilities. Our other
tools were not able to detect
these devices and give us the
sense of security that we now
have.”
InfoSec manager, healthcare
organization
7 | The Total Economic Impact™ Of Absolute
Key Results
The interviews revealed several key results from the Absolute
investment:
› Workforces have become increasingly mobile — bringing their
work and the data they need to do their job home, to client sites,
to different continents — but Absolute covered them even when
they went offline. With Absolute, machines containing regulated data
that go offline become visible as soon as any network connectivity is
available. Organizations were able to define these machines and keep
the master image and security posture of their endpoint agents as
headquarters intended it; even the most sophisticated device users
couldn’t disable it. Without Absolute, endpoints could go dark for a long
time, making security patches and posture difficult to update. Theft was
also curtailed, as geolocation information could be pulled and
machines could be frozen or wiped remotely.
› SecOps and compliance managers gained an extra layer of
protection with the power to automate remedial security response
actions, including the ability to execute remote commands and
wipe/freeze drives and devices. Security operators were empowered
with the information to best handle situations — in some instances
retrieving many hours of work on laptops that had been inadvertently
misplaced by employees. The telemetry data provided by Absolute let
people retrieve their laptops more quickly, while having their data
protected with a temporary freeze. Proving compliance after Absolute
was also a dramatically easier activity, with more current reports and
automated telemetry-based automation showing compliance on drive
encryption, antivirus, or security policies across the endpoints.
› Organizations gained the ability to look at endpoint utilization
rates— leading to better allocation of units and optimization of
overall infrastructure assets. If an endpoint was only being used for
solitaire twice a week, or other personal tasks with no business value,
why leave the asset in that location? Many IT asset managers found
cases such as this and expected to be able to either reallocate or retire
10% of the endpoints and related infrastructure. In subsequent
discussions, organizations were able to align the correct equipment
purchases with required and utilized capabilities, using insight provided
by Absolute which indicated that, for some users, overpowered devices
were simply unnecessary.
› Help desk efficiency increased as recent device information was
more consistently available. On average, IT help desk personnel
were able to save 10 minutes per call for IT requests that necessitated
a scan of the endpoint. When integrated with an ITSM, even greater
time savings were realized.
› Noncompliant software that could lead to data breaches and BSA
Software Alliance fines was detected and removed. In some cases,
multiple copies of costly software were found. Some of the software
removed included pirated versions, avoiding additional new security
issues on the east-west traffic portion of the network.
› Theft decreased once Absolute was deployed. While some
interviewees noted consistent losses prior to Absolute, both malicious
and nonmalicious theft decreased greatly as potential thieves realized
stolen devices were now worthless to them.
“One of our largest challenges
with our remote workforce was
the ability to monitor and help
users on the endpoints. As our
IT staff has consolidated over
the years, Absolute helps us
by enforcing our policies,
instead of using our people
resources.”
CIO, public infrastructure
company
“There’s nothing else out there
that gives us that complete
visibility of our devices. . . .
And it’s very much an
insurance policy for us,
knowing that, as much as we
protect our data, should the
devices disappear, we can
safely say to our clients, ‘The
data has been wiped; you
don’t need to worry.’”
InfoSec manager, corporate legal
services company
8 | The Total Economic Impact™ Of Absolute
Composite Organization
Based on the interviews, Forrester constructed a TEI framework, a
composite company, and an associated ROI analysis that illustrates the
areas financially affected. The composite organization is representative
of the five companies that Forrester interviewed and is used to present
the aggregate financial analysis in the next section. The composite
organization that Forrester synthesized from the customer interviews has
the following characteristics:
Description of composite. This is a multibillion dollar organization
doing business around the world. Employees travel, often accessing
multiple network connections. Due to the transient nature of the
workforce, most endpoint devices are PC laptops, complete with disk
encryption and the latest antivirus (AV) software. The work provided by
the composite collects a large amount of PII (personally identifiable
information) and is regulated by bodies throughout the globe.
GDPR is a concern, as is the enterprise’s coverage of various parts of
Europe. Many locales dictate data residencies within those countries.
Without a data center in all of the various countries, some data will
inevitably need to be saved locally, making encryption and endpoint
monitoring especially important.
Deployment characteristics. Much of the Absolute deployment was
done in the initial year, taking no more than the first week to have
everything running with the cloud command center. Endpoint
management and security were consolidated and used to:
1) Provide asset management of endpoints easily in one location.
2) Enable information sharing with the security tool stack generally,
and SIEM in particular.
3) Optimize SecOps and help desk productivity with greater
endpoint visibility.
Key assumptions
- 16,000 business FTEs
- 18,000 endpoint devices
- Mobile workforce largely
using laptop PCs
9 | The Total Economic Impact™ Of Absolute
The table above shows the total of all benefits across the areas listed below, as well as present values (PVs) discounted at 10%. Over three years, the composite organization expects risk-adjusted total benefits to be a PV
of more than $3.5 million.
Financial Analysis
QUANTIFIED BENEFIT AND COST DATA AS APPLIED TO THE COMPOSITE
Benefit 1: Security Operations Efficiency
Improvement
Interviewees experienced approximately 1,000 security-related incidents
per month, occurring most frequently at the endpoint level; for example,
an end user opening a malicious email attachment. These incidents are
on the rise and can be much higher in certain verticals.
Organizations could more quickly identify and remediate endpoints
because of the more frequent logging provided by the Absolute platform,
especially when used in conjunction with SIEMs.
› Without Absolute, the data from endpoints was at times very stale,
requiring a fresh pull that often lengthened the mean-time-to-fix.
› Security incident responders spent the greatest amount of time to
triage and analyze the incidents, which most frequently originate from
the endpoint. Using Absolute’s rapid information delivery as soon as
a device appeared online, security responders saved as much as 12
minutes per incident. When Absolute was used in conjunction with
SIEMs and incident response solutions, the savings were even
greater.
Every second counts when it comes to the time-to-know aspect of
security incidents. Organizational data might be stolen as a responder
is still solving the issue. Having Absolute is the safety net that allows
organizations to freeze the endpoint to stem any damage and then
remediate and return the endpoint to productivity.
The composite organization has not been modeled to include the value
of data breaches, but reports on the cost of similar breaches are widely
available from Ponemon Institute. Instead, the hard cost of SecOps
effort and time has been captured and represented in the table below.
Over three years, the composite organization realized $393,904 in PV.
Information security
professionals can save 12
minutes in the analysis
and triage phase on every
security-related response
with Absolute.
Total Benefits
Ref. Benefit Year 1 Year 2 Year 3 Total Present Value
Atr Security operations efficiency improvement
$151,200 $158,760 $166,698 $476,658 $393,904
Btr IT help desk efficiency improvement
$54,000 $56,700 $59,535 $170,235 $140,680
Ctr Asset loss reduction $385,560 $364,354 $382,572 $1,132,486 $939,060
Dtr Asset life cycle optimization $1,231,200 $575,618 $604,399 $2,411,218 $2,049,085
Total benefits (risk-adjusted) $1,821,960 $1,155,433 $1,213,204 $4,190,597 $3,522,729
10 | The Total Economic Impact™ Of Absolute
IT help desk efficiency improvement: 4% of total
benefits
Benefit 2: IT Help Desk Efficiency Improvement
Each interviewed organization had some form of IT ticketing system. By
integrating Absolute to feed more up-to-date endpoint information to their
ITSM solution, help desk personnel could more quickly understand the
situation surrounding a service request.
Prior to using Absolute, their dark endpoints often had disparity in their
patches and software versions, causing additional investigational work
for the team. Integrations with ITSM solutions made the job easier, and
even without a formal IT ticketing system, the freshness of Absolute data
contributed to a decrease in the detective work that IT had to perform.
For the composite organization, Forrester assumes that:
› The IT help desk handles 15,000 service-related requests in a month,
with 5% user growth yearly.
› The percentage of service requests requiring an endpoint assessment
is conservatively 20%.
› Absolute provides, on average, 20% better resolution to endpoints
than existing solutions.
› IT help desk personnel can realize savings of 10 minutes per incident
with Absolute in place.
The total gain in efficiency netted the composite organization a minimum
of 1,200 hours per year, and possibly more with deeper integrations with
ITSM systems. Total three-year savings were $140,680 PV.
Security Operations Efficiency Improvement: Calculation Table
Ref. Metric Calculation Year 1 Year 2 Year 3
A1 Endpoint management triage savings per incident (minutes)
12 12 12
A2 Endpoint-related security incidents 1,000 monthly * 12 months + 5% annual growth
12,000 12,600 13,230
A3 Security operations professional hourly rate
$105,000 annually * 1.2X benefits multiplier / 2,000 hours
$63 $63 $63
At Security operations efficiency improvement A1*A2*A3/60 $151,200 $158,760 $166,698
Risk adjustment 0%
Atr Security operations efficiency improvement (risk-adjusted)
$151,200 $158,760 $166,698
4%
three-year benefit PV
$140,680
11 | The Total Economic Impact™ Of Absolute
Asset loss reduction: 27% of total benefits
Benefit 3: Asset Loss Reduction
The large global consumer packaged goods (CPG) organization that
Forrester interviewed was losing over 2% of endpoint devices per year,
with one-third of that loss to intentional theft alone. The value of the
asset loss was over $1 million annually, without even considering the
potentially astronomical value of the data.
One organization characterized its data as heavy in PII and client IP.
“Having Absolute gives us that safety net to make sure that none of the
data ends up in the wrong hands,” said one information security
manager. “We are quizzed on and audited by our clients regularly — and
we have to show that we are compliant. So, the value is really in the
data.”
› Forrester has chosen not to quantify the value of data across these
enterprises, as its value — and varying likelihood of breaches —
translates to different negative results for companies across different
verticals.
› It is, however, possible to quantify endpoint asset loss, including units
that are removed inadvertently and those units taken with malicious
intent.
IT Help Desk Efficiency Improvement: Calculation Table
Ref. Metric Calculation Year 1 Year 2 Year 3
B1 Help desk service requests 15,000 monthly * 12 months + 5% annual growth
180,000 189,000 198,450
B2 Percentage of service requests requiring endpoint assessments
20% 20% 20%
B3 Percentage improvement on updated endpoint information compared to existing solution
20% 20% 20%
B4 Minutes saved with up-to-date endpoint information, per request
10 10 10
B5 Hourly salary of IT help desk responder
$75,000 annually * 1.2X benefits multiplier / 2,000 hours
$45 $45 $45
Bt IT help desk efficiency improvement B1*B2*B3*B4*B5/60
$54,000 $56,700 $59,535
Risk adjustment 0%
Btr IT help desk efficiency improvement (risk-adjusted)
$54,000 $56,700 $59,535
27%
three-year benefit PV
$939,060
12 | The Total Economic Impact™ Of Absolute
Impact risk is the risk that the business or technology needs of the organization may not be met by the investment, resulting in lower overall total benefits. The greater the uncertainty, the wider the potential range of outcomes for benefit estimates.
Using our composite modeling of indicators presented by all interviewees, Forrester has concluded:
› Endpoints going dark as a result of human error or negligence are
highly recoverable, especially when compared to those taken with
malicious intent.
› Nonmalicious losses occur roughly 2% of the time across the endpoint
landscape; on average, 80% of these can be recovered. Devices can
be frozen if the incident happened very recently, avoiding a full image
restore.
› Malicious endpoint losses occur on a much less frequent rate: 0.5%
across the enterprise. An example is laptops taken by an employee or
contractor, who then attempts to sell the unit. Recovery rates on these
are generally poor, at around 20%.
› If there is a malicious endpoint loss:
• The device can be wiped remotely, limiting the damage to the
loss of equipment.
• The machine will be locked and unusable, and turning it on will
display a message indicating that the machine was stolen.
• Thieves are less likely to steal from the organization again, as
all machines will turn into zero-value units.
• Processes built around Absolute for device management also
contribute to the decrease of internally arising theft.
Considering these loss rates and the average cost of laptops, the
composite organization reaped a three-year PV benefit of $1,043,400.
Impact risk was applied to this benefit group due to the variability in
endpoint costs and existing processes surrounding theft prevention. To
reflect this risk, Forrester has downward adjusted the benefit value by
10% for a risk-adjusted three-year PV of $939,060.
Recover up to 80% of
endpoint devices lost
due to nonmalicious
intent.
Asset Loss Reduction: Calculation Table
Ref. Metric Calculation Year 1 Year 2 Year 3
C1 Total endpoints on Absolute 18,000 17,010 17,861
C2 Nonmalicious endpoint loss rate — taken home or forgotten inadvertently
2.0% 2.0% 2.0%
C3 Malicious endpoint loss rate 0.5% 0.5% 0.5%
C4 Nonmalicious loss recovery rate 80% 80% 80%
C5 Malicious loss recovery rate 20% 20% 20%
C6 Cost of endpoint point hardware, per unit $1,400 $1,400 $1,400
Ct Asset loss reduction ((C1*C2*C4)+(C1*C3*C5))*C6
$428,400 $404,838 $425,080
Risk adjustment ↓10%
Ctr Asset loss reduction (risk-adjusted) $385,560 $364,354 $382,572
13 | The Total Economic Impact™ Of Absolute
Asset life cycle optimization: 58% of total
benefits
Benefit 4: Asset Life Cycle Optimization
Interviewed organizations’ IT teams were consistently under pressure to
deliver better experiences while reducing budgets for infrastructure and
people. With the Absolute platform in play, the organizations
encountered better and more accurate visibility into their endpoints and
the infrastructure that served them. Without Absolute Persistence
technology, budgeting and planning for new systems was often
uninformed by accurate data, with devices allocated in an ad hoc
manner.
› Following the introduction of Absolute, some organizations were able
to find underutilized assets — to the tune of 10% of all endpoints in the
initial year of use. For example, some laptops were only used once a
week for light utility, forming the basis for organizations to consolidate
or sunset them altogether.
› As some of the software was still licensed at the device level, systems
that were retired decreased the ongoing cost of software licensing.
› Support costs, calculated at 20% of the hardware and software value,
were eliminated for the 10% of endpoints that were sunsetted. The
initial cost of the endpoint hardware was not counted toward final
savings figures.
Forrester assumes that for the composite organization, no financial benefit will arise from the sunsetting of the hardware itself, as it is depreciated across a three-year timeline. Software and support costs were ongoing and have thus been included in the results. Continued usage of Absolute in years 2 and 3 introduced additional optimization: avoidance of 2% of yearly endpoint, software, and infrastructure purchases through better allocation of existing resources and total visibility of usage trends.
The value gained from optimizing the allocation and sunsetting some endpoints amounted to $2,276,761 PV over three years for the composite organization. Refresh cycles were now aligned with enterprise needs, rather than being tied to formal three-year refresh cycles.
The benefit outcome of this grouping may change for organizations that
are moving toward user-based software-as-a-service (SaaS) licenses,
which can reduce savings from endpoint resource allocation
optimization. Forrester identifies this as an impact risk.
To account for this risk, Forrester adjusted this benefit downward by
10%, yielding a three-year, risk-adjusted total PV of $2,049,085.
Upwards of 10% of
existing endpoints can
be retired after visibility
created by Absolute.
58%
three-year benefit PV
$2.0 million
14 | The Total Economic Impact™ Of Absolute
Unquantified Benefits
While not quantified, interviewees experienced additional benefits that
Forrester deems important in the evaluation of Absolute. They are as
follows:
› Compliance- and audit-related activity became more efficient for
both security professionals and auditors. With standard endpoint
software solutions, organizations saw rates of 85% to 90%. To
determine this, a query would have to be broadcast, which could miss
devices that were off the network or powered off. With Absolute
Persistence technology, pings only needed to be sent once and
returned when connectivity was reestablished. This resulted in higher
visibility for compliance auditors, for both security posturing and data
protection. By eliminating the need to constantly ping and guess the
state of some endpoint devices, auditors and security professionals
could complete their jobs considerably faster, for as many as 40
audits — e.g., SOX, client-requested, or internal IT — every year.
› Application Persistence — the ability to remediate applications
on the endpoint — further decreased IT help desk and
compliance-related efforts. Encryption, security, and other key
applications that were necessary on endpoints became impervious to
end user modification and removal. Application Persistence
eliminated the need for IT help desk personnel to redistribute or
configure applications while ensuring that compliance coverage was
continuous.
“We were only able to
visibly account for 90% of
our endpoint devices
previously, and never
mind what that meant for
compliance. We’re now
able to track 99% or
greater of our devices —
down to the geolocation
and activity level.”
~IT asset manager,
multinational CPG
Asset Life Cycle Optimization: Calculation Table
Ref. Metric Calculation Year 1 Year 2 Year 3
D1 Value of endpoints and associated infrastructure retired — hardware
10% of total endpoints/ infrastructure being underutilized
$2,520,000
D2 Value of software licenses associated to endpoints retired
$400 per endpoint $720,000 $136,080 $142,884
D3 Support cost of endpoints retired (D1+D2)*20% $648,000 $27,216 $28,577
D4 New refresh purchases avoided inclusive of hardware and software
2% of new refresh purchases
$476,280 $500,094
Dt Asset life cycle optimization D2+D3+D4 $1,368,000 $639,576 $671,555
Risk adjustment ↓10%
Dtr Asset life cycle optimization (risk-adjusted) $1,231,200 $575,618 $604,399
15 | The Total Economic Impact™ Of Absolute
› Pirated and noncompliant software was eliminated from
endpoints, reducing organizational liability and security risk. With
Absolute, some interviewees could identify noncompliant software and
remove it from the machines. While not every organization will
experience this benefit, the ramifications of such misuse can lead to
more than merely fines from the BSA. Software such as peer-to-peer
file transfers can lead to increased risk in the form of malicious code
and increased infrastructure usage.
Flexibility
The value of flexibility is unique to each customer, and the measure of its
value varies from organization to organization. There are multiple
scenarios in which a customer might choose to implement Absolute and
later realize additional uses and business opportunities:
› Some of the interviewed organizations had recently begun using
Absolute Reach, allowing them to increase SecOps efficiency by
scripting custom commands and deploying a single time across the
enterprise. Applying custom queries and dictating custom scripts to the
endpoints is possible in the latest version of Absolute’s platform. With
Reach technology, security professionals need only to deploy once, as
all endpoints will receive the instruction set upon connection to the
internet. The uses of such scripts are many, but the real productivity
booster is being able to orchestrate and automate endpoint actions
with the “deploy once” characteristic on Absolute versus multiple
deployment efforts with other solutions.
Flexibility would also be quantified when evaluated as part of a specific
project (described in more detail in Appendix A).
16 | The Total Economic Impact™ Of Absolute
The table above shows the total of all costs across the areas listed below, as well as present values (PVs) discounted at 10%. Over three years, the composite organization expects risk-adjusted total costs to be a PV of more than $1.4 million.
Cost 1: License-Related Costs
License costs were the largest portion of costs assumed by the
composite organization. Licenses were bought on a yearly schedule, to
account for anticipated changes in its infrastructure and endpoint asset
base. Support costs were also added, for a final three-year PV cost of
$1.36 million.
› Absolute licensing costs are based upon retail list pricing at the
annual level for a specific number of total endpoints. Negotiations and
longer-term contracts could lower the license and support costs.
Contact an Absolute salesperson to receive a more exact pricing
schedule for your organization.
› Pricing includes features available at the time of the survey
completion, which includes the Absolute Reach capability and
Application Persistence.
› Licensing costs have taken into account both user growth and
retirement of underutilized endpoint assets, as reflected by the lower
costs in Year 2.
› Many of the interviewed organizations initiated the journey to adopt
Absolute through hardware vendors. Negotiating through them is one
option; others include purchasing through systems implementers, or
Absolute directly.
› The purchase of an entire new wave of endpoint devices at one time is
not standard. Forrester recommends exploring purchase options with
all available channels to determine the best fit for your purchase.
There is very little risk of the licensing to exceed the list pricing modeled
for the composite organization. Over a three-year horizon, Forrester
estimates the total PV cost to be $1,362,027.
Total Costs
Exploring all channels of
purchase may yield a
lower cost of licensing,
especially when
purchasing in large
quantities.
Ref. Cost Initial Year 1 Year 2 Year 3 Total Present Value
Etr License-related costs $539,100 $0 $509,450 $534,922 $1,583,471 $1,362,027
Ftr Implementation and integration costs
$30,378 $21,507 $11,827 $11,827 $75,539 $68,590
Total costs (risk-adjusted) $569,478 $21,507 $521,277 $546,749 $1,659,011 $1,430,617
17 | The Total Economic Impact™ Of Absolute
Implementation risk is the risk that a proposed investment may deviate from the original or expected requirements, resulting in higher costs than anticipated. The greater the uncertainty, the wider the potential range of outcomes for cost estimates.
three-year cost PV
$68,590
Implementation, integration, and process
reengineering: 5% of total costs
Cost 2: Implementation And Integration Costs
The remaining variable piece of implementation, integration, and process
reformation comprises a small part of the overall costs. Implementation-
related work amounted to less than 5% of the entire cost representation,
coming in at $62,355 PV over three years, before risk adjustment.
Organizations varied in the degree to which they incorporated and
utilized Absolute. For example:
› For those that had deployed Absolute for Persistence-based asset
management, the costs were next to zero, as Absolute was already
integrated into the firmware of their devices (as it is with most device
manufacturers).
› The other organizations experienced approximately one month of
integration and implementation. These organizations, like the
composite, had taken a more engaged approach, which utilized
Absolute for compliance-, security-, and help desk-related measures.
This month was largely dedicated to piping Absolute and its data into
existing solutions such as SIEMs and ITSM. The advantage of
connecting these systems is outlined above, in the Benefits category.
Forrester blended the data from organizations that integrated Absolute
with other systems and arrived at the following findings on the equivalent
internal and external costs for the composite:
› Approximately 160 hours were utilized from internal resources —
primarily SecOps team members and DevOps personnel — to craft the
most efficient approach to funnel data from Absolute to other solutions.
› Workflows and process were also updated to ensure a smooth
carryover with the addition of Absolute.
Implementation, integration, and process improvements were largely
conducted in the first year of usage, with only incremental improvements
in subsequent years. The variability, however, is that some organizations
may choose to further leverage the Absolute solution with Application
Persistence, or to orchestrate endpoint administration through Absolute
Reach. Given these variables, Forrester has applied an implementation
risk that accounts for these additional functionality features and the
variance in cost of implementation between the labor forces of each
organization.
To account for these risks, Forrester adjusted this cost upward by 10%,
yielding a three-year risk-adjusted total PV of $68,590.
One month
Implementation and
integration took no
more than one month.
License-Related Costs: Calculation Table
Ref. Metric Calculation Initial Year 1 Year 2 Year 3
E1 License and support costs $539,100 $509,450 $534,922
Et License-related costs E1 $539,100 $0 $509,450 $534,922
Risk adjustment 0%
Etr License-related costs (risk-adjusted) $539,100 $0 $509,450 $534,922
18 | The Total Economic Impact™ Of Absolute
Implementation And Integration Costs: Calculation Table
Ref. Metric Calculation Initial Year 1 Year 2 Year 3
F1 Integration costs — internal (hours) 160
F2 Integration costs — professional services
$8,800 $8,800
F3 Process reconfiguration — internal (hours)
120 160 160 160
F4 Internal IT manager hourly compensation, fully loaded
$112,000 * 1.2X benefits multiplier / 2,000 hours
$67.20 $67.20 $67.20 $67.20
Ft Implementation and integration costs
F1*F4+F3*F4+F2
$27,616 $19,552 $10,752 $10,752
Risk adjustment ↑10%
Ftr Implementation and integration costs (risk-adjusted)
$30,378 $21,507 $11,827 $11,827
19 | The Total Economic Impact™ Of Absolute
The financial results calculated in the Benefits and Costs sections can be used to determine the ROI, NPV, and payback period for the composite organization’s investment. Forrester assumes a yearly discount rate of 10% for this analysis.
Financial Summary
CONSOLIDATED THREE-YEAR RISK-ADJUSTED METRICS
Cash Flow Chart (Risk-Adjusted)
-$1.0 M
-$0.5 M
$0.5 M
$1.0 M
$1.5 M
$2.0 M
$2.5 M
$3.0 M
Initial Year 1 Year 2 Year 3
Cashflows
Total costs
Total benefits
Cumulative net benefits
These risk-adjusted ROI,
NPV, and payback period
values are determined by
applying risk-adjustment
factors to the unadjusted
results in each Benefit and
Cost section.
Cash Flow Table (Risk-Adjusted)
INITIAL YEAR 1 YEAR 2 YEAR 3 TOTAL PRESENT VALUE
Total costs ($569,478) ($21,507) ($521,277) ($546,749) ($1,659,011) ($1,430,617)
Total benefits $0 $1,821,960 $1,155,433 $1,213,204 $4,190,597 $3,522,729
Net benefits ($569,478) $1,800,453 $634,156 $666,455 $2,531,586 $2,092,112
ROI 146%
Payback period < 6 months
20 | The Total Economic Impact™ Of Absolute
Absolute: Overview
The following information is provided by Absolute. Forrester has not
validated any claims and does not endorse Absolute or its offerings.
Absolute Ensures Endpoint Visibility, Control, And
Compliance — Beyond the Network
The Absolute platform enables IT security organizations to track every
endpoint, find at-risk data, rapidly remediate vulnerabilities, and ensure
compliance in the face of insider and external threats.
Absolute endpoint visibility and control saves organizations millions of
dollars in security operations and IT asset management costs, while
ensuring ongoing compliance. It cannot be disabled, protecting data,
assets, and users — wherever they go.
Absolute delivers:
› Deep and persistent contextual awareness into hundreds of user and
endpoint attributes to eliminate blind spots.
› Remote control over all endpoints devices to query, explore, and
remediate — even when traditional options fail.
› Rapid response to stop and remediate incidents through automated
triggers and custom workflow execution.
› Precision insights into any endpoint to mitigate risk and prove
compliance.
› Unstructured data discovery and automated remediation to protect
regulated data and ensure compliance with GDPR, HIPAA, HITECH,
PCI, and other regulations.
› Rapid vulnerability assessment and remediation to stop ransomware
attacks as they happen.
› Advanced IT asset management and security hygiene with the ability
to seamlessly execute custom commands against targeted devices in
just a few clicks.
› Instant activation across all endpoints without additional infrastructure
needed.
Absolute’s patented Persistence technology is already embedded in the
firmware of more than one billion PC and mobile devices, integrated with
hundreds of endpoint security controls, and trusted by over 15,000
customers worldwide.
To discover the benefits that Absolute’s endpoint visibility and control platform can provide to your organization, visit www.absolute.com
21 | The Total Economic Impact™ Of Absolute
Appendix A: Total Economic Impact
Total Economic Impact is a methodology developed by Forrester
Research that enhances a company’s technology decision-making
processes and assists vendors in communicating the value proposition
of their products and services to clients. The TEI methodology helps
companies demonstrate, justify, and realize the tangible value of IT
initiatives to both senior management and other key business
stakeholders.
Total Economic Impact Approach
Benefits represent the value delivered to the business by the
product. The TEI methodology places equal weight on the
measure of benefits and the measure of costs, allowing for a
full examination of the effect of the technology on the entire
organization.
Costs consider all expenses necessary to deliver the
proposed value, or benefits, of the product. The cost category
within TEI captures incremental costs over the existing
environment for ongoing costs associated with the solution.
Flexibility represents the strategic value that can be
obtained for some future additional investment building on
top of the initial investment already made. Having the ability
to capture that benefit has a PV that can be estimated.
Risks measure the uncertainty of benefit and cost estimates
given: 1) the likelihood that estimates will meet original
projections and 2) the likelihood that estimates will be
tracked over time. TEI risk factors are based on “triangular
distribution.”
The initial investment column contains costs incurred at “time 0” or at the
beginning of Year 1 that are not discounted. All other cash flows are discounted
using the discount rate at the end of the year. PV calculations are calculated for
each total cost and benefit estimate. NPV calculations in the summary tables are
the sum of the initial investment and the discounted cash flows in each year.
Sums and present value calculations of the Total Benefits, Total Costs, and
Cash Flow tables may not exactly add up, as some rounding may occur.
PRESENT VALUE (PV)
The present or current value of (discounted) cost and benefit estimates given at an interest rate (the discount rate). The PV of costs and benefits feed into the total NPV of cash flows.
NET PRESENT VALUE (NPV)
The present or current value of (discounted) future net cash flows given an interest rate (the discount rate). A positive project NPV normally indicates that the investment should be made, unless other projects have higher NPVs.
RETURN ON INVESTMENT (ROI)
A project’s expected return in percentage terms. ROI is calculated by dividing net benefits (benefits less costs) by costs.
DISCOUNT RATE
The interest rate used in cash flow analysis to take into account the time value of money. Organizations typically use discount rates between 8% and 16%.
PAYBACK PERIOD
The breakeven point for an investment.
This is the point in time at which net
benefits (benefits minus costs) equal
initial investment or cost.